- Apr 24, 2016
The fight against ransomware is a two-front battle waged both on home PCs and corporate workstations. How well does security software protect against these diabolical encryption attackers? In the current November test, 15 Internet security suites for consumer users and 13 solutions for corporate users showed how well they stacked up in ten realistic scenarios against an attack via e-mail, script, macro or ransomware. The Advanced Threat Protection test proves that detection of the attacker alone is not always sufficient. That is why the lab clearly spells out in the test results all the steps, from the time the attack is launched until it is fended off – or until encryption occurs.
In its series of so-called Advanced Threat Protection tests, the lab at AV-TEST put 15 well-known Internet security suites for consumer users and 13 solutions for corporate users to the test under Windows 10. In ten defined scenarios, the testers explain step-by-step how the attacks unfold and what happens in between. The evaluation clearly shows that detection of malware alone does not always protect against the consequence of partial or complete encryption.
15 well-known protection packages for consumer users from the manufacturers Avast, AVG, Bitdefender, BullGuard, F-Secure, G DATA, Kaspersky, Malwarebytes, Microsoft, Microworld, Norton, PC Matic, Protected.net, Quick Heal and VIPRE Security were put to the test.
For corporate users, 13 endpoint solutions underwent a test regimen. The products involved were from Avast, Bitdefender (two versions), Comodo, F-Secure, G DATA, Kaspersky, Malwarebytes, Microsoft, Seqrite, Sophos, Symantec and VMware.
For consumer users: the November result of the Advanced Threat Protection tests
In the Advanced Threat Protection test of the 15 Internet security solutions, 9 of the 15 packages demonstrated that they effectively protected against ransomware in actual conditions. The following products achieved the maximum protection score of 36 points in all 10 attack scenarios: Bitdefender Internet Security, F-Secure SAFE, G Data Total Security, Kaspersky Internet Security, Microsoft Defender, Microworld eScan Internet Security Suite, PC Matic, Quick Heal Total Security and VIPRE AdvancedSecurity.
While Malwarebytes Premium did identify all threats, it experienced the problem in two instances so that in the end, encryption did occur. This added up to a total protection score of 34 points instead of 36.
The packages BullGuard Internet Security, Norton 360 and Protected.net Total AV followed with 33 out of 36 points, each detecting 9 attackers. All three packages missed detection of one attacker from one scenario, and accordingly, all the files were encrypted by the ransomware.
In the final field were the protection packages from Avast and AVG, each scoring 30 out of 36 points and with 8 out of 10 attackers identified. In two cases, there was no positive detection, thus everything was encrypted.
For corporate users: the November result of the Advanced Threat Protection tests
The Advanced Threat Protection test of endpoint solutions for companies yielded even better results. In this case, even 10 out of the 13 tested business products achieved the maximum protection score of 36 points through seamless detection of all 10 attackers. It involved the solutions Bitdefender Endpoint Security, Bitdefender Endpoint Security (Ultra), Comodo Client Security, F-Secure Elements Endpoint Protection, G DATA Endpoint Protection Business, Kaspersky Endpoint Security, Microsoft Defender Antivirus, Seqrite Endpoint Security, Sophos Intercept X Advanced and VMware Carbon Black Cloud.
In two instances, Malwarebytes Endpoint Protection was able to identify the attacker, but could not stop it. As a consequence, encryption occurred at the end of both attacks. The protection score was 34 out of 36 points despite 10 out of 10 detections.
Avast Business Antivirus Pro Plus and Symantec Endpoint Security Complete detected 8 out of 10 attackers. The two that made it through undetected carried out an encryption. That is why in both cases, no points were awarded towards the protection score and the overall rating remained 30 out of a possible 36 points.
The fight against ransomware is a two-front battle waged both on home PCs and corporate workstations. How well does security software protect against these diabolical encryption attackers? In the current November test, 15 Internet security suites for consumer users and 13 solutions for corporate...